Abstract

Phishing is a significant security threat to users of Internet services. Nowadays, phishing has become more resilient to detection and trace-back with the invention of Fast Flux (FF) service networks. We propose two approaches to correlate evidence from multiple DNS servers and multiple suspect FF domains. Real-world experiments show that our correlation approaches speed-up FF domain detection, based on an analytical model that we propose to quantify the number of DNS queries needed to confirm a FF domain. We also show how our correlation scheme can be implemented on a large scale by using a decentralized publish-subscribe correlation model called LarSID, which is more scalable than a fully centralized architecture.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Fast Flux Service Network Detection via Data Mining on Passive DNS Traffic
Pierangelo Lombardo ... Danilo Massa
-
Pierangelo Lombardo, et. al.Pierangelo Lombardo ... Danilo Massa
01 Jan 2018
TempR: Application of Stricture Dependent Intelligent Classifier for Fast Flux Domain Detection
Prabhjot Singh Chahal ... Surinder Singh Khurana
International Journal of Computer Network and Information Security | VOL. 8
Prabhjot Singh Chahal, et. al.Prabhjot Singh Chahal ... Surinder Singh Khurana
08 Oct 2016
Behavioral analysis of fast flux service networks
Alper Caglayan ... Dan Drapaeau
-
Alper Caglayan, et. al.Alper Caglayan ... Dan Drapaeau
13 Apr 2009
PASSVM: A highly accurate fast flux detection system
Basheer Al-Duwairi ... Ahmed S Shatnawi
Computers & Security | VOL. 110
Basheer Al-Duwairi, et. al.Basheer Al-Duwairi ... Ahmed S Shatnawi
09 Aug 2021
View more papers

More From: Journal of Networks

Paper Title
Journal
Date
Author
Pelgrimeren met een missie: Het Palestijnse ‘Kom en zie’-initiatief in cultuurwetenschappelijk en historisch-theologisch perspectief
Journal of Networks | VOL. -
01 Jan 2020
Overhead caused by WiFi on ZigBee Networks using Slotted CSMA/CA
Gerard Chalhoub ... Eric Perrier De La Bathie
Journal of Networks | VOL. 11
Gerard Chalhoub, et. al.Gerard Chalhoub ... Eric Perrier De La Bathie
28 Feb 2016
Analytical Coverage Probability of a Typical User In Heterogeneous Cellular Networks
Sinh Cong Lam Kumbesan Sandrasegaran
Journal of Networks | VOL. 11
Sinh Cong Lam Kumbesan SandrasegaranSinh Cong Lam Kumbesan Sandrasegaran
28 Feb 2016
Adaptive Control Channel Interval in VANET Based on Mobility Model and Queuing Network Analysis
Rendy Munadi ... Doan Perdana
Journal of Networks | VOL. 11
Rendy Munadi, et. al.Rendy Munadi ... Doan Perdana
28 Feb 2016
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.